Thought I would throw this out there in case anyone else has seen the same issues.
At the beginning of May I upgraded SCA to 22.214.171.124. I also converted all connections from Local System to Windows Authentication using the main Bigfix svc account. This account is MO, and has DBO on all dbs on the remote sql server.
Started getting import failures immediately at datasouce SCM::VulnerabilityResult:
ERROR: Sequel::DatabaseError: Java::ComMicrosoftSqlserverJdbc::SQLServerException: User does not have permission to perform this action.
At the suggestion of support, I backup up tem_analytics, renamed and moved the SCA database.yml file, and rebuilt the datasources, which essentially re-indexed the db. Now I am getting the same error but at a different datasource:
2019-06-07 21:34:12 (+0:00:00.000) INFO: ETL after datasource task: from SCM::CheckResult : Start
2019-06-07 21:34:12 (+0:00:00.156) INFO: ETL after datasource task: from SCM::CheckResult : Failed
2019-06-07 21:58:33 (+0:24:21.207) ERROR: Sequel::DatabaseError: Java::ComMicrosoftSqlserverJdbc::SQLServerException: User does not have permission to perform this action.
It was also suggested to add the sysadmin role NTAUTHORITY\SYSTEM to sql studio and change the Compliance service to Local System. My DBA will not allow that,
If the service account that SCA runs under is a Windows svc account and has dbo on the remote tem_analytics db, shouldn’t that cover all permissions in that db?
I have a pmr open right now but they seem stumped and I do not want to lose my legacy compliance data. Have not had a good import since May 1.